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Status of the Claims 

1 . (Previously Presented) A system, comprising: 

at least one first entity comprising any of a user, a user agent and a 
5 principal; 

an authentication agency; 

means for sending a login request from the first entity to the authentication 

agency; 

means for receiving an assertion at the first entity from the authentication 
10 agency in response to the log in request; 

means for authenticating the first entity at a participant with the received 
assertion; 

means for sending a request for service on behalf of the first entity from a 
second entity comprising any of the participant and a service consumer 
15 associated with the participant to any of the authentication agency and a 
discovery service associated with the authentication agency, using the assertion; 
and 

means for an sending an authorization from the authentication agency to 
the second entity for the requested service in response to the sent request if the 
20 first entity is enabled for the requested service. 

2. (Previously Presented) The system of Claim 1 , further comprising: 

at least one identity associated with the first entity, and user information 
associated with at least one of the identities; and 
25 at least one core service associated with the system and related to at least 

a portion of the user information. 

3. (Previously Presented) The system of Claim 2, wherein the core service is 
accessible by the first entity. 

30 

4. (Previously Presented) The system of Claim 2, wherein the core service is 
accessible by the participant. 
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5. (Previously Presented) The system of Claim 2, wherein the core service is 
associated with one or more core service providers. 

5 6. (Previously Presented) The system of Claim 2, wherein the core service 
comprises any of an authentication service, a profile service, an alert service, a 
calendar service, an address book service and a wallet service. 

7. (Previously Presented) The system of Claim 1, wherein the authentication 
10 agency further comprises means for translating namespaces, such that a user 

identity of the first entity in a first namespace is translatable to a user identity in a 
second namespace. 

8. (Previously Presented) The system of Claim 7, wherein the user identity in 
15 the second namespace is encrypted. 

9. (Previously Presented) The system of Claim 7, wherein the user identity in 
the second namespace is time-abound. 

20 10. (Previously Presented) The system of Claim 1, wherein a user identity is 
associated with the first entity, and wherein the system further comprises: 

at least one core authentication record associated with the user identity, 
comprising any of services and links associated with the user identity. 

25 11. (Previously Presented) An system, comprising: 

an authentication agency for authenticating at least one first entity 
comprising any of a user, a user agent and a principal, and for sending 
assertions to the first entities; and 

at least one second entity comprising 
30 means for receiving the assertions from the first entities, 

means for authenticating the first entities at the second entity with 
the received assertions. 
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means for sending requests for service on behalf of tine first entities 
to any of the authentication agency and a discovery service associated 
with the authentication agency, using the received authentication 
information from said first entities, 
5 means for receiving authorizations sent from the authentication 

agency in response to the sent requests if the first entities are enabled for 
the requested services; and 

means for invoking the requested authorized services with the 
received authorizations. 

10 

12. (Previously Presented) The system of Claim 1 1, further comprising: 

a discovery module associated with the authentication agency and 
adapted to receive a user identifier associated with the first entity and a service 
name known to the system. 

15 

1 3. (Previously Presented) The system of Claim 1 1 , further comprising: 

at least one core service associated with the system and related to the first 

entity. 

20 14. (Previously Presented) The system of Claim 13, wherein the core service is 
accessible by the first entity. 

15. (Previously Presented) The system of Claim 13, wherein the core service is 
accessible by the second entity. 

25 

16. (Previously Presented) The system of Claim 13, wherein the core service is 
associated with one or more core service providers. 

17. (Previously Presented) The system of Claim 13, wherein the core service 
30 comprises any of an authentication service, a profile service, an alert service, a 

calendar service, an address book service and a wallet service. 
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18. (Previously Presented) The system of Claim 11, wherein the authentication 
agency further comprises means for translating namespaces, such that a user 
identity of a first entity in a first namespace is translatable to a user identity in a 
second namespace. 

5 

19. (Previously Presented) The system of Claim 18, wherein the user identity in 
the second namespace is encrypted. 

20. (Previously Presented) The system of Claim 18, wherein the user identity in 
10 the second namespace is time-bound. 

21. (Previously Presented) The system of Claim 11, wherein an Identity is 
associated with the first entity, and wherein the system further comprises: 

at least one core authentication record associated with the identity, 
1 5 comprising any of services and links associated with the identity. 

22. (Previously Presented) The system of Cjaim 1 1 , wherein the first entity is 
located at a device linked to the system. 

20 23. (Previously Presented) A process, comprising the steps of: 

sending a login request from a first entity to an authentication agency, the 
first entity comprising any of a user, a user agent and a principal; 

receiving an assertion at the first entity from the authentication agency in 
response to the log in request; 
25 authenticating at a participant through the first entity with the received 

assertion; 

sending a request for a service on behalf of the first entity from a second 
entity comprising any of the participant and a service consumer associated with 
the participant to any of the authentication agency and a discovery service 
30 associated with the authentication agency, using the assertion; and 
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sending an authorization from the authentication agency to the second 
entity for the requested service in response to the sent request if the principal is 
enabled for the requested service. 

5 24. (Previously Presented) The process of Claim 23, further* comprising the step 

of: 

establishing at least one core service associated with the system and 
related to the first entity. 

10 25. (Previously Presented) The process of Claim 24, wherein the core service is 
accessible by the first entity. 

26. (Previously Presented) The process of Claim 24, wherein the core service is 
accessible by the participant. 

15 

27. (Original) The process of Claim 24, wherein the core service is associated 
with one or more core service providers. 

28. (Previously Presented) The process of Claim 23, wherein the core service 
20 comprises any of an authentication service, a profile service, an alert service, a 

calendar service, an address book service and a wallet service. 

29. (Previously Presented) The process of Claim 23, further comprising the step 
of: 

25 translating namespaces, such that a user identity of a first entity in a first 

namespace is translated to a user identity in a second namespace. 

30. (Original) The process of Claim 29, further comprising the step of: 

encrypting the user identity in the second namespace. 

30 

31 . (Original) The process of Claim 29, wherein the user identity in the second 
namespace is time-bound. 
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32. (Previously Presented) The process of Claim 23, further comprising the 
steps of: 

establishing at least one identity associated with the first entity; and 
5 associating at least one core authentication record with the established 

identity, comprising any of services and links associated with the established 
identity. 

33. (Previously Presented) A process, comprising the steps of: 

1 0 providing an authentication agency networked to a service; 

establishing an identity at the authentication agency for a first entity 
comprising any of a user, a user agent and a principal; 

sending authentication information from the authentication agency to the 
first entity; 

15 authenticating the first entity at a participant with the authentication 

information; 

sending a request for a service on behalf of the principal from a second 
entity comprising any of the participant and a service consumer associated with 
the participant to any of the authentication agency and a discovery service 
20 associated with the authentication agency; 

sending an authorization from the authentication agency to the second 
entity to access the service on behalf of the first entity if the first entity is enabled 
for the service by the authentication agency; and 

establishing a link between the second entity and the service, based upon 
25 the authorization. 

34. (Previously Presented) The process of Claim 33, wherein the second entity 
comprises any of a network site, a service provider and a store. 

30 35. (Previously Presented) The process of Claim 33, wherein the authorization 
comprises a service descriptor and a service assertion, wherein the service 
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descriptor comprises means for locating tlie requested service and wlierein tine 
service assertion comprises a credential to establish the link. 

36. (Previously Presented) The system of Claim 1 , further comprising: 

5 means for invoking the requested service through the second entity using 

the authorization. 

37. (Previously Presented) The system of Claim 1 , wherein the participant 
comprises any of a network site, a service provider and a store. 

10 

38. (Previously Presented) The system of Claim 1, wherein the request for 
service comprises a service descriptor and a service assertion, wherein the 
service descriptor comprises means for locating the requested service, and 
wherein the service assertion comprises a credential to access the requested 

15 service. 

39. (Previously Presented) The system of Claim 1 , wherein at least one identity 
is associated with the first entity, comprising any of a personal identity, a 
business identity and an anonymous identity. 

20 

40. (Previously Presented) The system of Claim 11, wherein the second entity 
comprises any of a network site, a service provider and a store. 

41 . (Previously Presented) The system of Claim 1 1 , wherein the authorizations 
25 comprise a service descriptor and a service assertion, wherein the service 

descriptor comprises means for locating the requested service, and wherein the 
service assertion comprises a credential to access the requested service. 

42. (Previously Presented) The system of Claim 11, wherein at least one 
30 identity is associated with the first entity, comprising any of a personal identity, a 

business identity and an anonymous identity. 
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43. (Previously Presented) The process of Claim 23, further comprising the step 
of: 

invoking the requested service through the second entity using the 

authorization. 

5 

44. (Previously Presented) The process of Claim 23, wherein the participant 
comprises any of a network site, a service provider and a store. 

45. (Previously Presented) The process of Claim 23, wherein the authorization 
10 comprises a service descriptor and a service assertion, wheriein the service 

descriptor comprises means for locating the requested service and wherein the 
service assertion comprises a credential to invoke the requested service. 

46. (Previously Presented) The process of Claim 23, wherein at least one 
1 5 identity is associated with the first entity, comprising any of a personal identity, a 

business identity and an anonymous identity. 
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